Commit c4cbe4a4 authored by Fernando Fernandez Mancera's avatar Fernando Fernandez Mancera Committed by Pablo Neira Ayuso

netfilter: nft_connlimit: add support to object update operation



This is useful to update the limit or flags without clearing the tracked
connections. Use READ_ONCE() on the packet path, as these fields can be
modified from the control plane.

Signed-off-by: default avatarFernando Fernandez Mancera <fmancera@suse.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 69894e5b
+12 −1
@@ -44,7 +44,7 @@ static inline void nft_connlimit_do_eval(struct nft_connlimit *priv,

	count = READ_ONCE(priv->list->count);

	if ((count > priv->limit) ^ priv->invert) {
	if ((count > READ_ONCE(priv->limit)) ^ READ_ONCE(priv->invert)) {
		regs->verdict.code = NFT_BREAK;
		return;
	}
@@ -131,6 +131,16 @@ static int nft_connlimit_obj_init(const struct nft_ctx *ctx,
	return nft_connlimit_do_init(ctx, tb, priv);
}

static void nft_connlimit_obj_update(struct nft_object *obj,
				     struct nft_object *newobj)
{
	struct nft_connlimit *newpriv = nft_obj_data(newobj);
	struct nft_connlimit *priv = nft_obj_data(obj);

	WRITE_ONCE(priv->limit, newpriv->limit);
	WRITE_ONCE(priv->invert, newpriv->invert);
}

static void nft_connlimit_obj_destroy(const struct nft_ctx *ctx,
				      struct nft_object *obj)
{
@@ -160,6 +170,7 @@ static const struct nft_object_ops nft_connlimit_obj_ops = {
	.init		= nft_connlimit_obj_init,
	.destroy	= nft_connlimit_obj_destroy,
	.dump		= nft_connlimit_obj_dump,
	.update		= nft_connlimit_obj_update,
};

static struct nft_object_type nft_connlimit_obj_type __read_mostly = {
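Review bot: nft_connlimit_obj_update (second hunk) stores limit and invert as two independent WRITE_ONCE() writes, so an evaluation racing with the update can observe the new limit paired with the old invert, or the reverse, for the packets in between; with the READ_ONCE() pairs added in the first hunk this is a transient mis-verdict on a handful of packets rather than a memory-safety issue, but it is a contract the function should state. I would add above it: `/* Commit path only. The packet path reads limit and invert with READ_ONCE(), so a concurrent evaluation may briefly see one field updated and not the other; the connection list in priv->list is deliberately kept. */` Only limit and invert are carried over from newobj, so newobj's own list is presumably released by the caller's destroy of newobj after update returns — worth confirming against the object commit path, since that code is outside this commit. If nft_connlimit_obj_dump can run concurrently with the commit path, it should read these two fields with READ_ONCE() as well, for the same reason the eval path now does.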